CVE-2016-7124 Ubuntu Security Notification for Php5, Php7.0 Vulnerabilities (USN-3095-1)

2016年10月10日 1998点热度 0人点赞 0条评论

漏洞类别：Ubuntu

漏洞等级：

漏洞信息

It was discovered that PHP incorrectly handled certain invalid objects when unserializing data.

It was discovered that PHP incorrectly handled invalid session names.

It was discovered that PHP incorrectly handled certain gamma values in the imagegammacorrect function.

It was discovered that PHP incorrectly handled certain crafted TIFF image thumbnails.

It was discovered that PHP incorrectly handled unserializing certain wddxPacket XML documents.

It was discovered that PHP incorrectly handled certain memory operations.

It was discovered that PHP incorrectly handled long strings in curl_escape calls.

It was discovered that PHP incorrectly handled certain failures when unserializing data.

It was discovered that PHP incorrectly handled certain flags in the MySQL driver.

It was discovered that PHP incorrectly handled ZIP file signature verification when processing a PHAR archive.

It was discovered that PHP incorrectly handled certain locale operations.

It was discovered that PHP incorrectly handled SplArray unserializing.

It was discovered that PHP incorrectly handled unserializing wddxPacket XML documents with incorrect boolean elements.

漏洞危害

A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-7124)

A remote attacker could use this issue to inject arbitrary session data. (CVE-2016-7125)

A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-7127)

A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly expose sensitive information. (CVE-2016-7128)

A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-7129, CVE-2016-7130, CVE-2016-7131, CVE-2016-7132, CVE-2016-7413)

A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-7133)

A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-7134)

A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-7411)

Malicious remote MySQL servers could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-7412)

A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-7414)

A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-7416)

A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-7417)

A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-7418)

解决方案

Refer to Ubuntu advisory USN-3095-1 for affected packages and patching details, or update with your package manager.

Patch:
Following are links for downloading patches to fix the vulnerabilities:

USN-3095-1: 16.04 (Xenial) on src (php7.0-gd)

USN-3095-1: 12.04 (Precise) on src (php5-cli)

USN-3095-1: 12.04 (Precise) on src (php5-fpm)

USN-3095-1: 16.04 (Xenial) on src (php7.0-fpm)

USN-3095-1: 12.04 (Precise) on src (php5-gd)